... I just searched the source tree. The only user-level code I found
that uses IP_HDRINCL is traceroute and mrouted, both of which pass
in zero for ip_off, and pass in ip_len in native byte order.
If that's the intended user/kernel interface, then fixing the
section-4 IP manpage to explicilty indicate that, and fixing ip_output
to not crash with a network-order ip_len (necessary on little-endian
machines only:)) would also be a workable fix. Raw sockets are, after
all, meant to give an in-kernel like interface.
I didn't say so explicitly the first time, but I just think the
endian-ness of the interface should be (a) documented, and (b)
shouldn't panic if the user injects a bad packet with a "bad" IP
length.
And of course, I cut-and-pasted the wrong NTOHS() out of ip_input
it should be NOTHS(ip->ip_len) , not NTOHS(ip->ip_id)).
If the IP_HDIRINCL interface should use network byte order,
then perhaps making the "Convert fields to host representation",
a macro or function, and using it in rip_input() and ipintr(), would
be good software engineering.